package com.shaonianyou;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.BeanIds;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

import com.shaonianyou.component.CustUsernamePasswordAuthenticationFilter;
import com.shaonianyou.component.RestAuthenticationEntryPoint;
import com.shaonianyou.component.UserDetailsServiceImpl;

//@Configuration
public class ApplicationSecurity extends WebSecurityConfigurerAdapter {

	@Autowired
	private SecurityProperties security;

	@Autowired
	private UserDetailsServiceImpl userDetailsService;

	@SuppressWarnings("unused")
	private RestAuthenticationEntryPoint restAuthenticationEntryPoint = new RestAuthenticationEntryPoint("/login");

	private CustUsernamePasswordAuthenticationFilter custUsernamePasswordAuthenticationFilter = new CustUsernamePasswordAuthenticationFilter();

	@Bean(name = BeanIds.AUTHENTICATION_MANAGER)
	@Override
	public AuthenticationManager authenticationManagerBean() throws Exception {
		return super.authenticationManagerBean();
	}
	
	@Bean
	public CustUsernamePasswordAuthenticationFilter custUsernamePasswordAuthenticationFilter() throws Exception {
		custUsernamePasswordAuthenticationFilter.setAuthenticationManager(authenticationManagerBean());
		return custUsernamePasswordAuthenticationFilter;
	}

	@Override
	public void configure(WebSecurity web) throws Exception {
		web.ignoring().antMatchers("/static/**", "/**/*.js", "/**/*.css", "/**/*.jpg", "/**/*.png", "/**/*.tff",
				"/**/*.woff", "/**/*.woff2", "/**/*.gif", "/upload/*.wav", "/**/*.wav", "/upload/*.ogg", "/**/*.ogg");
	}
	
	@Bean
	public CustUsernamePasswordAuthenticationFilter authenticationFilter() throws Exception {
		CustUsernamePasswordAuthenticationFilter authFilter = new CustUsernamePasswordAuthenticationFilter();
		authFilter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login", "POST"));
		authFilter.setAuthenticationManager(authenticationManagerBean());
		authFilter.setAuthenticationSuccessHandler(new SimpleUrlAuthenticationSuccessHandler("/index"));
		authFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler("/login?error"));
		return authFilter;
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.headers().frameOptions().sameOrigin()
			.and()
				.authorizeRequests()
				.antMatchers("/*/*","index#/menu/*")
				.permitAll()
//				.anyRequest().authenticated()
			.and()
//				.addFilterBefore(custUsernamePasswordAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
				.formLogin().loginPage("/login").defaultSuccessUrl("/index", true).failureUrl("/login?error").permitAll()
			.and()
				.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED).invalidSessionUrl("/login")
			.and()
				.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/login")
			.and()
				.csrf().disable();//.exceptionHandling().authenticationEntryPoint(restAuthenticationEntryPoint);

	}

	
	/*@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
		provider.setUserDetailsService(userDetailsService); 
//		provider.setPasswordEncoder(new Md5PasswordEncoder());
		auth.authenticationProvider(provider);
	}*/
	 

	@Override
	public void configure(AuthenticationManagerBuilder auth) throws Exception {
		auth.eraseCredentials(false).inMemoryAuthentication().withUser("admin").password("admin")
				.roles("ADMIN", "SUPERVISOR", "USER").and().withUser("user").password("user").roles("USER");
	}

}
